Remote Code Execution Flaw Found in CUPS Printing System (Limited Impact)
https://www.evilsocket.net/2024/09/26/Attacking-UNIX-systems-via-CUPS-Part-I
A series of vulnerabilities have been discovered in the CUPS (Common Unix Printing System) open-source printing software that could potentially allow attackers to execute code remotely on...

Critical Vulnerability Found in Nvidia Container Toolkit
https://www.wiz.io/blog/wiz-research-critical-nvidia-ai-vulnerability
A severe security flaw has been discovered in Nvidia’s Container Toolkit, a widely used tool for running AI applications in containerized environments. The vulnerability, designated...

NIST Proposes Sweeping Changes to Password Policies: Mandatory Resets and Character Rules Out
https://pages.nist.gov/800-63-4/sp800-63b.html
The National Institute of Standards and Technology (NIST) has proposed a significant overhaul of password policies in its updated Digital Identity Guidelines (SP 800-63-4). These proposed changes aim to simplify password...

CISA Boss Calls for More Secure Software Development
https://www.theregister.com/2024/09/20/cisa_sloppy_vendors_cybercrime_villains
Jen Easterly, the director of the Cybersecurity and Infrastructure Security Agency (CISA), has urged software developers to prioritize security in their products. In a keynote address at...

Australian Government Suffers Surge in Cyber Attacks, Social Engineering Most Common Tactic
https://www.itnews.com.au/news/gov-reported-44-cyber-breaches-in-first-six-months-of-2024-611646
Australian government agencies experienced a significant rise in cyberattacks during the first half of 2024, according to a report by the Office of the Australian...

Clever ‘GitHub Scanner’ Campaign Abusing Repos to Push Malware
https://www.bleepingcomputer.com/news/security/clever-github-scanner-campaign-abusing-repos-to-push-malware
A new phishing campaign is abusing GitHub’s “Issues” feature to distribute the Lumma Stealer password-stealing malware, targeting unsuspecting open-source...

US Dismantles Chinese Government-Linked Botnet Targeting Hundreds of Thousands of Devices
https://www.cyber.gov.au/about-us/view-all-content/alerts-and-advisories/peoples-republic-china-linked-actors-compromise-routers-and-iot-devices-botnet-operations
The US Department of Justice (DOJ) announced the successful disruption of a massive botnet run by a...

Paying Ransomware Doesn’t Guarantee File Recovery, Even With Decryptor
Hazard Ransomware – A Successful Broken Encryptor Story
In a stark reminder of the risks associated with ransomware attacks, recent incidents have highlighted that paying the ransom doesn’t always guarantee successful data recovery, even when attackers provide a...